package com.mengniu.commerce.admin.service.auth;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjectUtil;
import com.mengniu.commerce.admin.api.domain.bo.RemoteSocialBo;
import com.mengniu.commerce.admin.api.domain.vo.RemoteSocialVo;
import com.mengniu.commerce.admin.api.RemoteSocialService;
import com.mengniu.commerce.admin.service.system.ISysConfigService;
import com.mengniu.commerce.admin.service.system.ISysUserService;
import com.mengniu.commerce.common.redis.util.RedisUtils;
import com.mengniu.common.social.mengniu98k.AuthMengniuUser;
import org.springframework.stereotype.Component;
import com.mengniu.commerce.common.core.constant.CacheConstants;
import com.mengniu.commerce.common.core.constant.Constants;
import com.mengniu.commerce.common.core.constant.SecurityConstants;
import com.mengniu.commerce.common.core.constant.UserConstants;
import com.mengniu.commerce.common.core.domain.R;
import com.mengniu.commerce.common.core.enums.UserStatus;
import com.mengniu.commerce.common.core.exception.ServiceException;
import com.mengniu.commerce.common.core.text.Convert;
import com.mengniu.commerce.common.core.utils.StringUtils;
import com.mengniu.commerce.common.core.utils.ip.IpUtils;
import com.mengniu.commerce.common.security.utils.SecurityUtils;
import com.mengniu.commerce.admin.api.RemoteUserService;
import com.mengniu.commerce.admin.api.domain.SysUser;
import com.mengniu.commerce.admin.api.model.LoginUser;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;

/**
 * 登录校验方法
 *
 * @author yz_sm
 */
@Component
public class SysLoginService {
    @Resource
    private RemoteUserService remoteUserService;

    @Resource
    private SysPasswordService passwordService;

    @Resource
    private SysRecordLogService recordLogService;

    @Resource
    private RemoteSocialService remoteSocialService;

    @Resource
    private ISysConfigService configService;

    @Resource
    private ISysUserService iSysUserService;

    /**
     * 登录
     */
    public LoginUser login(String username, String password) {
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username, password)) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
            throw new ServiceException("用户/密码必须填写");
        }
        // 密码如果不在指定范围内 错误
        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
            throw new ServiceException("用户密码不在指定范围");
        }
        // 用户名不在指定范围内 错误
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
            throw new ServiceException("用户名不在指定范围");
        }
        // IP黑名单校验
        String blackStr = Convert.toStr(RedisUtils.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾，访问IP已被列入系统黑名单");
            throw new ServiceException("很遗憾，访问IP已被列入系统黑名单");
        }
        // 查询用户信息
        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);

        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
            throw new ServiceException("登录用户：" + username + " 不存在");
        }

        if (R.FAIL == userResult.getCode()) {
            throw new ServiceException(userResult.getMsg());
        }

        LoginUser userInfo = userResult.getData();
        SysUser user = userResult.getData().getSysUser();
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起，您的账号已被删除");
            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用，请联系管理员");
            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
        }
        passwordService.validate(user, password);
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
        return userInfo;
    }

    /**
     * 蒙牛扫码登录 不需要校验密码
     *
     * @param username
     * @return
     */
    public LoginUser loginByQrCode(String username) {
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username)) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户必须填写");
            throw new ServiceException("用户必须填写");
        }
        // 用户名不在指定范围内 错误
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
            throw new ServiceException("用户名不在指定范围");
        }
        // IP黑名单校验
        String blackStr = Convert.toStr(RedisUtils.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾，访问IP已被列入系统黑名单");
            throw new ServiceException("很遗憾，访问IP已被列入系统黑名单");
        }
        // 查询用户信息
        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);

        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
            throw new ServiceException("登录用户：" + username + " 不存在");
        }

        if (R.FAIL == userResult.getCode()) {
            throw new ServiceException(userResult.getMsg());
        }

        LoginUser userInfo = userResult.getData();
        SysUser user = userResult.getData().getSysUser();
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起，您的账号已被删除");
            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用，请联系管理员");
            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
        }
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
        return userInfo;
    }

    public void logout(String loginName) {
        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
    }

    /**
     * 注册
     */
    public void register(String username, String password) {
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username, password)) {
            throw new ServiceException("用户/密码必须填写");
        }
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
            throw new ServiceException("账户长度必须在2到20个字符之间");
        }
        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
            throw new ServiceException("密码长度必须在5到20个字符之间");
        }

        // 注册用户信息
        SysUser sysUser = new SysUser();
        sysUser.setUserName(username);
        sysUser.setNickName(username);
        sysUser.setPassword(SecurityUtils.encryptPassword(password));
        R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);

        if (R.FAIL == registerResult.getCode()) {
            throw new ServiceException(registerResult.getMsg());
        }
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
    }

    /**
     * 绑定第三方用户
     *
     * @param authUserData 授权响应实体
     */
    public SysUser socialRegister(AuthMengniuUser authUserData) {
        Long userId = 0L;
        SysUser sysUser = iSysUserService.selectUserByUserName(authUserData.getUsername());
        if (ObjectUtil.isNull(sysUser)) {
            /*sysUser=new SysUser();
            String password = configService.selectConfigByKey("sys.user.initPassword");
            sysUser.setAvatar(authUserData.getAvatar());
            sysUser.setUserName(authUserData.getUsername());
            sysUser.setPassword(SecurityUtils.encryptPassword(password));
            sysUser.setNickName(authUserData.getNickname());
            sysUser.setPhonenumber(authUserData.getMobile());
            iSysUserService.insertUser(sysUser);
            userId = sysUser.getUserId();*/
            throw new ServiceException("蒙牛工号未绑定后台管理系统，请联系管理员审核录入！");
        }
        sysUser.setAvatar(authUserData.getAvatar());
        sysUser.setUserName(authUserData.getUsername());
        sysUser.setNickName(authUserData.getNickname());
        sysUser.setPhonenumber(authUserData.getMobile());
        userId = sysUser.getUserId();
        iSysUserService.updateUser(sysUser);


        String authId = authUserData.getSource() + authUserData.getUuid();
        // 第三方用户信息
        RemoteSocialBo bo = BeanUtil.toBean(authUserData, RemoteSocialBo.class);
        BeanUtil.copyProperties(authUserData.getToken(), bo);
        bo.setAuthId(authId);
        bo.setOpenId(authUserData.getUuid());
        bo.setUserName(authUserData.getUsername());
        bo.setNickName(authUserData.getNickname());
        bo.setUserId(userId);
        // 查询是否已经绑定用户
        R<List<RemoteSocialVo>> r = remoteSocialService.selectByAuthId(authId);
        if (!R.isSuccess(r)) {
            throw new ServiceException(r.getMsg());
        }
        List<RemoteSocialVo> list = Optional.ofNullable(r.getData()).orElse(new ArrayList<>());
        if (CollUtil.isEmpty(list)) {
            // 没有绑定用户, 新增用户信息
            remoteSocialService.insertByBo(bo);
        } else {
            // 更新用户信息
            bo.setId(list.get(0).getId());
            remoteSocialService.updateByBo(bo);
        }
        return sysUser;
    }
}
